On Tue, Jun 16, 2020 at 07:39:30AM -0600, David Ahern wrote: > > > > Indeed. I must have been looking at -net. Both -net and -net-next have > > it conditional, so yes a fixup patch is needed. > > > > I see that both net and net-next still have the conditional in xfrm_output: > > #ifdef CONFIG_NETFILTER > IPCB(skb)->flags |= IPSKB_XFRM_TRANSFORMED; > #endif > break; > case AF_INET6: > memset(IP6CB(skb), 0, sizeof(*IP6CB(skb))); > > #ifdef CONFIG_NETFILTER > IP6CB(skb)->flags |= IP6SKB_XFRM_TRANSFORMED; > #endif > > Did you submit the merge fix? If not, I can do it today. I still have it in the ipsec tree, I'll do a pull request this week. The fixup will go to the net tree then. It should be already in linux-next.
